package com.company.manage.system.service;

import com.company.manage.common.base.BaseService;
import com.company.manage.common.persistence.HibernateDao;
import com.company.manage.common.security.Digests;
import com.company.manage.common.security.Encodes;
import com.company.manage.common.utils.DateUtils;
import com.company.manage.system.dao.UserDao;
import com.company.manage.system.entity.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;


/**
 * Created by HuangYong on 2016/1/22.
 * desc: 用户service
 */
@Service
@Transactional(readOnly = true)
public class UserService extends BaseService<User, Integer> {
    private static final String TAG = "UserService";

    /**
     * 加密方法
     */
    public static final String HASH_ALGORITHM = "SHA-1";
    public static final int HASH_INTERATIONS = 1024;
    private static final int SALT_SIZE = 8;    //盐长度

    @Autowired
    private UserDao userDao;

    @Override
    public HibernateDao<User, Integer> getEntityDao() {
        return userDao;
    }

    /**
     * 设定安全的密码，生成随机的salt并经过1024次 sha-1 hash
     *
     * @param user
     */
    private void entryptPassword(User user) {
        byte[] salt = Digests.generateSalt(SALT_SIZE);
        user.setSalt(Encodes.encodHex(salt));

        byte[] hashPassword = Digests.sha1(user.getPlainPassword().getBytes());

        user.setPassword(Encodes.encodHex(hashPassword));

    }

    /**
     * 判断是否超级管理员 (需要修改的)
     *
     * @param id
     * @return
     */
    private boolean isSupervisor(Integer id) {
        return id == 1;
    }

    /**
     * 保存用户
     *
     * @param user
     */
    @Transactional(readOnly = false)
    public void save(User user) {
        entryptPassword(user);
        user.setCreateDate(DateUtils.getSysTimestamp());
        userDao.save(user);
    }

    /**
     * 修改用户密码
     *
     * @param user
     */
    @Transactional(readOnly = true)
    public void updatePwd(User user) {
        entryptPassword(user);
        userDao.save(user);
    }

    @Transactional(readOnly = true)
    public void delete(Integer id) {
        if (!isSupervisor(id)) {
            userDao.delete(id);
        }
    }

    /**
     * 按登录名查询用户
     *
     * @param loginName
     * @return
     */
    public User getUser(String loginName) {
        return userDao.findUniqueBy("loginName", loginName);
    }

    /**
     * 验证原密码是否正确
     * @param user
     * @param oldPassword
     * @return
     */
    public boolean checkPassword(User user, String oldPassword) {
        byte[] salt = Encodes.decodeHex(user.getSalt());
        byte[] hashPassword = Digests.sha1(oldPassword.getBytes(), salt, HASH_INTERATIONS);
        if (user.getPassword().equals(Encodes.encodHex(hashPassword))) {
            return true;
        } else {
            return false;
        }
    }

    /**
     * 修改用户登录
     * @param user
     */
    public void updateUserLogin(User user){
        user.setLoginCount(user.getLoginCount() == null?0:user.getLoginCount());
        user.setPreviousVisit(user.getLastVisit());
        user.setLastVisit(DateUtils.getSysTimestamp());
        update(user);
    }
}